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Abstract. For many a natural deduction style logic there is a Hilbert-style logic that is 
equivalent to it in that it has the same theorems (i.e. valid judgements ThP where F — 0). 
For intuitionistic implicational logic, the axioms of the equivalent Hilbert-style logic can 
be propositions which are also known as the types of the combinators I, K and S. 

Natural deduction versions of illative combinatory logics have formulations with axioms 
that are actual type statements for I, K and S. As pure type systems (PTSs) are, in a 
sense, equivalent to systems of illative combinatory logic, it might be thought that Hilbert 
style PTSs (HPTSs) could be based in a similar way. 

This paper shows that some PTSs have very trivial equivalent HPTSs, with only the ax- 
ioms as theorems and that for many PTSs no equivalent HPTSs can exist. Most commonly 
used PTSs belong to these two classes. 

For some PTSs however, including A* and the PTS at the basis of the proof assistant 
Coq, there is a nontrivial equivalent HPTS, with axioms that are type statements for I, K 
and S. 



Introduction 

Most early logical systems (for propositional and predicate logic) allowed no hypotheses 
and so had no rules for introducing or cancelling them. These could be represented by a 
finite set of axiom schemes and rules of inference such as modus ponens and generalisation. 

Later natural deduction systems which did allow hypotheses had fewer axiom schemes 
but required introduction and elimination rules for hypotheses. Herbrand showed that 
classical Hilbert style and natural deduction style propositional and predicate logics had 
the same theorems (i.e. judgements with empty contexts). 
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Pure type systems (PTSs), denned below, have two rules that introduce hypotheses and 
two that cancel them. In this paper we answer a question of Fairouz Kamareddine "Are there 
Hilbert style PTSs?". When we define Hilbert style PTSs (HPTSs) as PTSs with empty 
contexts, with a finite set of extra axiom schemes, with s±, S2, S3, . . . representing arbitrary 
sorts, and some extra rules, it is obvious that there are HPTSs. We will be interested in 
whether, for PTSs, there are theorem equivalent HPTSs. We will answer this question for 
a number of classes of PTSs which include all the PTSs, from the standard literature, that 
we have examined. The methods we use, for proving that a HPTS is equivalent to a PTS, 
are along the lines of those of Herbrand, but rather more complex. 

Just as combinator based programming languages, requiring no free, or in fact, no 
variables, have proved useful in practice, perhaps an HPTS, which also requires no (free) 
variables, that is theorem equivalent to a PTS may be useful. Also, perhaps some metathe- 
oretical results may be proved more easily for an HPTS than for the equivalent PTS. 

1. Pure Type Systems 

Each Pure Type System (PTS) AX has a set of variables V, a set of constants C, a set of 
"sorts" S C C. It has a class of pseudoterms given by T = V \ C \ (JIV :T.T)\ (XV : T.T) \ T T. 
If M and N are pseudoterms, M : A is a statement, T is a context if it is a sequence of 
statements; r h M : A is then called a judgement. A PTS has a set of axioms A each of 
the form c : s where c £ C and s £ S. Then it has a set 1Z of triples (si, S2, S3) € 5 3 , which 
determine under what conditions a term Hx:A.B is in a sort. Most PTSs are known by a 
"specification" (S, A, TV) (as usually C = S). 
The PTS postulates are as follows: 

c: s £ A 
h c : s 

T h A : s 
T,x : AY- x : A 

TV-M-.B TV- A: s x <£ FV(T) 
T,x : A h M : B 

r h M : (Ux:A.B) r h N : A 
r h MN : B[x := N] 

T,x : A\- M : B T h (Ux:A.B) : s 
r h (\x:A.M) : (Ux:A.B) 

T,x : AV- B : s 2 V h A : Sl (si, s 2 , s 3 ) € 11 
r h (Ux-.A.B) : s 3 

r h M : A YVB : s A= B 
r h M : B ' 

When there are two judgements as premises in a rule, we call the left one the major premise 
and the right one the minor premise. 

Later we will need the following definition: 



(axiom) 

(start) 

(weakening) 

(application) 

(abstraction) 

(product) 

(conversion) 
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Definition 1.1 (Inhabited and Normal Form Inhabited Sorts). 
s is an inhabited sort (s € 1) if h A : s for some A. 

s is a normal form inhabited sort (s G A/") if for some term A in normal form, h ^4 : s. 

The translation [ ] of Bunder and Dekkers [3] translates the pseudoterms and statements 
of PTSs into terms of illative combinatory logic (ICL) as follows: 

[x]=x, [c]=c, [XY] = [X][Y] 
[X : A] = [A][X], [Ux-.X.Yx] = G[X][Y] (x <£ FV(XY)) 
where G = Xxyz.Ex(Syz) (S is the combinator equivalent to Xxyz.xz(yz)). Terms in 
ICL can be represented without any free variables at all using the combinators S and K 
(equivalent to Xxy.x). 3xy represents roughly (Vu £ x)y(u) or x C y. 

ICL, designed as a foundation for logic and mathematics, has a rule like (abstraction) 
which was derived in Bunder [2] from a set of axioms. In Section 6 we will see how the 
methods developed there lead to the ones used here. The main difference between PTSs 
and standard ICLs, other than the lack of distinction between terms and types, lies in 
the (abstraction) rule. The direct counterpart to the ICL rule would have r h A : s, for 
r h (Hx:A.B) : s. This is the most important factor in making it difficult to have equivalent 
Hilbert-style PTSs. 



2. HlLBERT-STYLE PTSS 

We define Hilbert-style PTSs as follows: 

Definition 2.1 (HPTS). Each Hilbert style Pure Type System (HPTS) has V, C, S, T, 
statements, contexts and judgements as for PTSs, except that the contexts are always 
empty. A HPTS has a set of sorts S and a set of axioms A, as for PTSs, and an additional 
finite set B of axiom schemes in which "sort variables" can be replaced by sorts. Most 
HPTSs are known by a "specification" («S, A, B) (as usually C = S). A HPTS has the PTS 
(application) and (conversion) rules (with empty contexts) as well as: 



(type reduction) 
(subject reduction) 



h M : A A-> p B 
h M : B. 

h M : A M ->p N 
\- N : A. 



Note the latter rules are derivable for all PTSs, for HPTSs neither is, even using (con- 
version). 

Definition 2.2 (Equivalent HPTS). If XX is a PTS with specification (S,A,H), a HPTS 
XX h , with specification (S, A, B) will be equivalent if 

(VM,^l)(h x M : A 44> h xh M : A). 

Here \- x stands for provability in XX and \- xh in XX h . If the PTS is arbitrary or obvious 
from the context we use h and h h . B will a function of 1Z, i.e. it will include axioms such 
as h h [Xu:si.Xv:(Ux:u.S2).Hx:u.vx] : [Hu:si.Hv:(Ilx:u.S2)-Ss\ if (si,S2,ss) € 1Z. 
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Below are some PTSs that have been studied in the literature (particularly Barendregt 
[1] and Geuvers [4]). 

In A T , S = {*}, C = {*, 0}, in all other cases C = S consists of all the constants visible 
in A and TZ. (si, S2) is used as an abbreviation for (si, S2, S2). 
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,(*,□),(□,□)} 


APw = AC 


A = 


{* 


□} 




1Z = 


{(* 


*/ 


,(*,□),(□,*),(□,□)} 


AAUT-68 


A = 


{* 


□} 




1Z = 


{(* 


*/ 


, (*, □, A), (□, *, A), (□, □, A), (*, A), (□, A)} 
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*/ 


,(□,*),(□,□)} 



The PTS used in the proof assistant Coq we will call ACoq. It has as axioms: 

h * p : Di h * s : Di Mi G N h : D i+1 . 
More axioms are generated by 

A : B,B : C eA => A : C e A. 
In early versions TZ is given by 

(*si *s); (*s; (*p ; *s)i {*pi Dj), (* s , Dj), (Dj, (Dj, * s ), (Dj, \3j, ^ m ax{i,j)) £ 

for all i,j G IV. Coq 8.0 replaces (□,, * s ) G 7£ by (□;, * s , G 7£. 

We will be able to determine whether or not there are equivalent HPTSs for all of the 
above. 
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3. Some PTS Lemmas and Definitions 

We now state a number of standard lemmas for PTSs. Most proofs can be found in Baren- 
dregt [1] or Bunder and Dekkers [3]. 

Lemma 3.1 (Free Variable Lemma). If x\ : A\, . . . , x n : A n b M : B, then 

(i) x\, . . . ,x n are distinct; 

(ii) FV(M,B) C { Xl ,...,x n }; 

(iii) FV(Ai) C {xi . . . , x;_i} for\<i<n. □ 

Lemma 3.2 (Substitution Lemma). If T\,x : A, F 2 b M : B and Fi b N : A then 
ri,r 2 [s := N] b M[x := N] : B[x := N}. ' □ 

Lemma 3.3 (Condensing Lemma). IfTi,x : A, F 2 b M : B, where x ^ FV(F 2 , M, B), 
then ri,r 2 b M : B. □ 

Lemma 3.4 (Generation Lemma). Lei r b M : B. Then 

(i) MecGC (3s G S) B = p s k c : s G A; 

(ii) M = x (3C) B =/3 C7 & x : C <E T; 

(iii) M = IIxiC.B- (3si, s 2 , s 3 ) (si, s 2 , s 3 ) G ft & T b C : si 

k F,x : C b £■ : s 2 & B =g s 3 ; 

(iv) M = Ax:C.iV (3s € S) (3D)r, x : C b iV : D & B = j9 IIx:C.£> 

& r b (Hr:C.I>) : s; 

(v) M = PQ (3C,D)T b P : Ylx.C.D k F b Q : C k B =3 D[x := Q]. 

In each case the derivations, of the judgements of the form F b R : E in (iii) to (v), are 
shorter than that ofF\~M:B. □ 

Lemma 3.5 (Correctness of Types Lemma). // F b M : B then (3s G S) [B = s or 
F\-B:s]. □ 

Lemma 3.6 (Subject and Type Reduction Lemma). IfFhM : B, then 

(i) M N implies F b N : B, 

(ii) and B -»g ^ implies F \- M : A. □ 

Lemma 3.7 (Start Lemma). IfF\~M : B, then 

(i) (c : s) G A implies F b c : s, 

(ii) r = xi : Ai,...,x n : A n implies that for < i < n there is an s G 5 suc/i £/iat 
xi : ^4i, . . . ,Xi : ^ b A i+ i : s. □ 



4. PTSS WHERE .4 IS THE SET OF THEOREMS 

The following lemma specifies a set of PTSs whose axioms are its only theorems. The 
equivalent HPTS is then trivially one with no extra axioms, i.e. with B = 0. 

Lemma 4.1. In a PTS satisfying 

(Vc,ai)((c: si) &A => ~ (3s 2 ,s 3 )[(si,s 2 ,s 3 ) €H]) ($) 

we have b M : A & M : A G A. 
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Proof. We show M : A £ A by induction on the derivation of 

h M : A. (4.1) 

(|4.ip clearly does not come by (start) or (weakening). 
If (|4.ip comes by (application) from 

h P : (Ux:C.D) and h Q : C 

where M = PQ and y4 = D[x := Q], we have by the induction hypothesis P : (Hx:C.D) S A, 
which is impossible. 

If (|4.ip comes by (abstraction) from 

x : Bh N :C and h (Hr:5.C) : s 

where M = Xx:B.N and A = Tlx.B.C, then by the induction hypothesis (Jix:B.C) : s £ A, 
which is impossible. 

If (|4.ip comes by (product) from 

x : B \- C : S2 , \~ B : s\ and (si, S2, S3) € 7?. 

where M = Hx:B.C and ^4 = S3, then, by the induction hypothesis, {B : s\) G ^4, which is 
impossible by ($). 

If (|4.ip comes by (conversion) from 

h M : B , h A : s and 4=^8 

then by the induction hypothesis (M : B), (A : s) € A. However then A and B must be in 
normal form and so A = B and (M : A) € A. 

If (14.11) is an axiom, the result holds trivially. □ 

This implies the following theorem and corollary. 

Theorem 4.2. A PTS satisfying ($) has an equivalent HPTS, with B = 0, but this is trivial 
in that it has only its axioms as theorems. □ 

Corollary 4.3. and XP each have an equivalent HPTS, but h * : □ is the only theorem 
of both systems. □ 



5. PTSs with no Equivalent HPTS 

In and AP there is no term A such that h A : * and the only theorem is h * : □. 

We can show, by a single (product) rule preceeded by two uses of an axiom and a (start) 
or (weakening) rule, that in the other PTSs, given in Section 2, there are theorems that are 
not axioms. Most of these are given below. 

Lemma 5.1. 

(i) In A T we have h (na;:0.0) : *. 

(ii) In X*, X2, AP2, Xto, AC, AU and AHOL, we have h (Tlx: * .x) : *. 

(iii) In Xlj and XPlv, we have h (Tlx: * .*) : □. 

(iv) In AAUT-68, AAUT-QE and APAL we have h (Ux: * .*) : A. □ 
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We now give a condition under which, in a PTS, certain sorts have an infinite number 
of inhabitants of the form Ux:A.B that are not substitution instances of each other. We 
show later that many PTSs with this property cannot be equivalent to HPTSs. 

Lemma 5.2. Assume that in a PTS there is a finite sequence s%, S2, ■ ■ ■ , s n G S such that: 

(3n G N) n > 1 & si = s n G M & (Vi) (l < i < n (3s' G 1 & (s , s h s i+1 ) G 11)) 

($si,...,s n ) 

then 

h (Ux:A.B) : Sl 

for an infinite number of (3-distinct terms Ux:A.B which are not (s; L for Sj) substitution 
instances of each other. 

Proof. Assume that we have . . . , s n ) for si, S2, ■ ■ ■ G S. 
As si G M we have, for some A%, in normal form 

h A x : si. 

Now we show, by induction on i that, for 1 < i < n, there is a -£>i_i and an Ai = 
Tlxi-i:Bi^i.Ai^i such that 

\-Ai>8i. (5.1) 
For each i we have, by ($si, . . . , s n ), an s' such that (s', Sj_i, Sj) G TZ and a i?j_i such that 

h : s'. 

When i = 2 we have h j4i : si above, otherwise we have h ^4j_i : Sj_i by the induction 
hypothesis. By (weakening) we have 

: Bi-i h ^4i_i : Sj_i 

and by (product) we have (|5.ip . So (|5.ip holds for 1 < i < n and, as we have s\ = s n , 

h A n : si. 

Repeating the above, with A n for Ai, we get h Am-i '■ $i and similarly h A^ n ^2 ■ s\,. . . 
If A iri - i+ i =/3 Ajn-j+i for i < j, then 

nxi n —i.Bi n —i.Ai n —i — p Tlxj n —j.Bj n —j.Aj n —j 

and so An-i = f3 ^jn-j and eventually 

^4-1 =/3 ^(j-i)(n-l)+l- 

But Ai is a proper part of j4(j_j)( n _i) +1 and is in normal form, which is impossible. Hence 
A n , A2n-i, ^3n-2i • • • are /3-distinct inhabitants of s all of the form Ux:A.B, which are not 
substitution instances of each other. □ 

($si, . . . , s n ) is satisfied for many sequences si, S2, • • • ., s n and many PTSs. Here we list 
one such sequence and sort for most of the PTSs given in Section 2. 

Lemma 5.3. 

(i) A T , A* and A2 satisfy ($*,*). 

(ii) \u, \uj, AP2, APw ; AC, AU and AHOL satisfy ($□,□). 

(iii) AAUT-68, AAUT-QE and APAL satisfy ($A,A). 
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Proof. 

(i) By Lemma l5.1( i). (ii) with s' = *. 

(ii) For AP2, by Lemma l5.1( ii). with s' = *. For the others with s' = □. 

(iii) By Lemma l5.1( iv) with s' = □. □ 

Now we can prove the main result in the section. 

Theorem 5.4. //, in a PTS XX , ($si, . . . , s n ) holds for soma si, ... t s n (E S and 

(Vsi,S2,4)(( s i ; s 2>4) G (si : s' 2 ) & A) , ($$si) 

i/ien there is no HPTS equivalent to XX . 

Proof. By Lemma 15.21 if ($si, . . . , s n ) holds we have, for an infinite number of (5 - distinct 
terms Ux:A.B, which are not substitution instances of each other 

h (Ux:A.B) : si. 

Suppose that there is an equivalent XX h . 

As a HPTS has only a finite set of axioms B, at least some must be derived, in XX h , 
by (application) and perhaps (conversion), (type reduction) and (subject reduction) from 

h h P : (Uy.D.E) and h h Q : D 

where PQ — >p UxA.B and E[y := Q] —>p s\. By the equivalence of AX and XX h also: 

h P : {Uy.D.E) and h Q : D. (5.2) 

So by correctness of types (Lemma 13. 5 [) . for some s' 3 S S 

h (Uy.D.E) : s' 3 

and by the Generation Lemma (Lemma I3.4f iii)) we have: 

h D : si and y : D h E : s' 2 

where (s'i^^s^) G 7?.. 

Now by the substitution lemma (Lemma 13. 2|) . (|5.2|) and, if needed, subject reduction 
(Lemma I3.6P h si : s' 2 . 

By Lemma l3^4T i) this contradicts ($$si), so AX has no HPTS equivalent. □ 

Theorem 5.5. X T , X2, Xu, Xu, XP2, APw, AC, AAUT-68, AAUT-QE, APAL, AU and 
AHOL have no equivalent HPTSs. 

Proof. By Lemma 15.31 and Theorem 15.41 □ 

Note that ($$s) is not satisfied by any sort s in A* and ACoq. For A~^ ($$*) holds but 
($*, S2, ...,*) does not for any s 2 , ■ ■ ■ For AP ($$*) fails, ($$□) holds but ($□, s 2 , . . • , □) 
does not for any s 2 , ■ ■ ■ 
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6. How to Prove (abstraction) and (product) 

In implicational logic the D-introduction rule is T,A h B =4> T \- A D B. The hypothesis 
A in T, A h B is cancelled in T h A D B. This rule is proved in a Hilbert-style system by 
induction on the number of steps in a derivation that allows hypotheses. We assume that 
an hypothesis can be cancelled in the previous step (or steps) and use this to show it can 
be cancelled in the next. In intuitionistic and classical implicational logic three cases are 
needed and each requires the Hilbert-style system to have a particular axiom or theorem. 
If the hypothesis p is itself the step in the deduction we need 

If the deduction step is an axiom or another hypothesis than p we need 

h q D p D q. 

If the deduction step comes by modus ponens from 

p h q and p h q D r , 

we need 

h (p D g D r) D (p D q) D p Z) r. 

Note that the three theorems we require represent the simple types of the combinators 
I, K and S (when D is replaced by — >). 

In illative combinatory logic, the introduction rule for E (restricted generality) is T, Ax h 
Bx => r,L^4 h EAB, where L is a constant, x £ FV(T, A, B) and Ax is the hypothesis 
being cancelled. In the proof of this rule in a Hilbert-style system, (see Bunder [2]), the 
first two cases are similar to those for the proof of implicational introduction. The third 
is the case where T, Ax h DM is derived from T, Ax h ECD and T, Ax h CM. Again, by 
induction, we assume that the E-introduction step can be applied to the previous steps. 

The axioms of the Hilbert-style system, when rewritten with U — > V for FUV = 
Xx .EC/ (Xy .V (xy)) are: 

h... [(A^A)I] 

h . . . [(A -» B -> A) K] 

h . . . [((^ -> B -> C) -> (A -» 5) -» A -> C) S] 

where . . . represent conditions involving L on A, B and C. 
These are type assignment statements for I, K and S. 

It might be thought that this same technique could be employed for PTSs, using type 
assignment statements for I, K and S, of the form h (. . . I) : (. . . A — ► ^4) etc and with 
hypotheses of the form x : A. This however may not work. 

If we have a PTS with (c : s±) 6 A and can prove x : c h B : S2 and/or x : c h M : B, 
perhaps with M = x, c = B, it may be that (product) and (abstraction) cannot be applied 
because (si, S2, S3) ^ 7Z for any S3. 

This does not mean that x : c can never be cancelled. We may obtain: 

x : ch P : (Uy.D.E) and x : c h Q : D 
where x : c cannot be cancelled, as, even if we have 

x : c h (Uy.D.E) : S2 and x : ch D : S3, 
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(si, S2, S4) and (si, S3, S5) may not be in 1Z for any S4, S5 G 5. However if 

x : c h : E[y := Q] , x : c h P[y := Q] : S6 and also (si, S6, S7) G 7?., 

so that h (Hrx.PQ) : S7, we can cancel x : c to give 

h (Axx.PQ) : (nx:c.P[y := Q}). 

This PTS therefore does have theorems not in A, but it is hard to determine the HPTS 
corresponding to it. 

7. SUPERSORTED PTSS 

PTSs that have equivalent HPTSs are A* and ACoq (both versions), but these belong to a 
larger class that has the following property: 

Definition 7.1 (Supersorted). A PTS is said to be supersorted if: 

(Vc G C)(3s G S) (c : s) G ,4 and (Vsi, s 2 G <S) (3s 3 G 5) (si, s 2 , s 3 ) G 7£. 
For supersorted PTSs (abstraction) can be simplified. 

Theorem 7.2. In every supersorted PTS (abstraction) can be replaced by: 

T,x : A\- M : B 
T h (kllj : {Ux:A.B) . 

Proof. If 

T,x : A h M : B 

by Lemmas I3.7f ii) and 13.51 we have, for some si,S2 G S: 

r h A : s\ and either r, x : A h P : S2 or B = s for some s G 5 . 

If the PTS is supersorted we have, for some S2, (s : s 2 ) G A in the latter (£> = s) case, and 
so the result of the former case by Lemma l3.7f i). 

Hence by (product) and supersortedness we have, for some S3 G 5, 

T h {UxA.B) : s 3 

and by (abstraction) we have 

T h {XxA.M) : (UxA.B). 

For a supersorted PTS AX we define a corresponding HPTS XX h , which in Theorem 
19.41 is shown to be equivalent to XX h . 

Definition 7.3 (Corresponding HPTS). If AX is a supersorted PTS with specification 
(S,A,TV) the corresponding HPTS \X h has specification (<S, A, B), with as members of B 
the following theorems of AX: 

Axiom ni \- h [Au:si.A-u:(nx:ii.S2) • Ux:u.vx] : [nw:si.n7;:(nx:n.S2).S3] for (si,S2,ss) G 1Z. 
Axiom II \- h [Ax:si.Ay:x.y] : [nx:si.ny:x.x]. 

Axiom Kl \- h [Xx:si.Xy:s2.Xz:x.Xu:y.z] : [nx:si.ny:s2.nz:x.H'u:y.x]. 
Axiom SI \- h [Xu\si.Xv:(Tix\u.S2).Xt:(Iix\u.(Tly:vx.Sz)).Xw:(Jlx:u.Tly\vx.txy). 
Xz:(Ux:u.vx).Xx:u.wx(zx)} : 

[Hu:si.n?;:(nx:u.S2).ni : (Jix:u.(Iiy:vx.s^)) .Uw:{U.x:u.Iiy:vx .txy) . 
Uz:(Tlx:u.vx) .Ux:u.tx(zx)]. 
and additional axioms of B generated by (I) and (II): 
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(I) If (M : A) G B, A ^ S and A' is obtained from A by replacing any second occurrence 
of an Si in A by any Sj not in A, then if h A' : s for s G <S, (A' : s) € B. Any 
conditions on (M : i) £ B not required in the proof of h A' : s are not part of the 
new axiom. 

(II) If ([Xx 1 :A 1 . . . \xi_i-.Ai_x . Uxf.Ai.B] : [Jlxy.Ax . . . lixi-Y-A^i . s]) G B and s' G B 
satisfies h (Xxi:A\ . . . Xxi'.Ai.B) : (IIxi:j4i . . . Uxi'.Ai.s'), then 

([Axi:^i . . . Xxi-.Ai.B] : \Kx x :A x . . . ILc^.s']) G i3. 

Note. The s\,S2, ■ ■ ■ ■ in Axioms II, Kl and SI are sort variables that can be replaced by 
arbitrary elements of S. In the axioms generated by (I) and (II) there are restrictions on 
the sorts that can be substituted for such variables based on the PTS provability of the 
judgements mentioned. 

Given a PTS AX, we will assume below that XX h is the corresponding HPTS. 

Theorem 7.4. //, for a supersorted PTS, \~ h M : A then h M : A. 

Proof. By induction on the derivation of \~ h M : A. 

If \- h M : A is one of the axioms of A, III, II, Kl or SI, or is generated by (I) or (II), 
we have h M : A. 

The (application) and (conversion) cases follow from the induction hypothesis. 
The (subject reduction) and (type reduction) cases follow from the induction hypothesis 
and Lemma 13.61 □ 

Lemma 7.5. In a HPTS corresponding to a supersorted PTS, 

(i) If {M : A) € A U B then there is an s G S such that (A : s) G A U B. 

(ii) // ([Xxi:Ai . . . Axj_i:j4j__i . Ilxi-.Ai.B] : [Uxi'.Ai . . .Uxi-i:Ai^i . s]) G B, there is an 
s' G S such that ([Xx^.Ai . . . Xxf.Ai.B] : [Uxf.Ai . . . Uxf.Ai.s']) G B. 

Proof. 

(i) If A G S this follows by supersortedness. 

If (M : A) G B and A £ S, we have h M : A by Theorem [73] and h A : s, for some 
s G 5, by Lemma [331 
Hence (4 : s) G £ by (I). 

(ii) If ([Xxr.Ai . . . Axj_i:Aj_i . Uxf.Ai.B] : [ILci:^ . . . LLci-i^-i . s]) G by Theorem 
17.41 and Lemma l3.4f iv) and (hi) we have, for some s' G S, 

x\ : A\ . . . Xi : A{ h B : s f . 

(abstraction) and (II) then give the result. □ 

We also need an extension of XX h that allows hypotheses. 

Definition 7.6 (XX h+ ). If XX is a PTS, XX h+ has all the postulates of XX h , also with 
nonempty contexts, and the (start) and (weakening) rules of AX. 

Lemma 7.7. \- h+ M : A oh h M : A. 

Proof. Immediate because in a derivation of \- h+ M : A no (start) or (weakening) rule can 
be used. No nonempty context can be emptied in XX h+ . □ 
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The extra axioms of B generated by (I) we will need in the proof of the Correctness of 
Types Lemma for XX h+ (if T h h+ M : A then T \- h+ A : s for some s). 

Those generated by (II) we need in the proof of (abstraction) to show that, if we 
have r h h+ (Ux:C.D) : a 3 , we also have for {s 1 ,s 2 ,s 3 ) G K, T h h+ C : si and T h h+ 
(Xx:C.D) : (Hx:C.S2), where the derivation of the latter is no longer than the derivation of 
r h h+ (Hx:C.D) : S3. The "no longer than" is needed for proof by induction to work. 

Many of the axioms are, in a sense, superfluous. We can for example, prove axioms 
114, 118 and nil (below) from Axiom Kl and Axiom 115 from Axioms 111 and 114. However, 
using fewer axioms can mean that the derivation of a T h h+ (Xx:C.D) : (Ux:C.S2) is longer 
than that of T h h+ (Ux:C.D) : s 3 . 

To illustrate that the axioms, generated by (I) and (II) above, form finite sets, we list 
all the ones generated by Axiom Ill(s- below is such that (s, : s'A G A). There are another 
six I axioms, another sixteen K axioms and twentynine more S axioms. 

112 h h [Uu:s 1 .Uv:(Ux:u.s 2 ).s 3 ] : s 4 . 

113 h h [Xu:s 1 .Uv:(Ux:u.s 2 ).s 3 ] : [n«:si.s 4 ]. 

114 h h [Au:si.s 2 ] : [Hu: Sl .s' 2 }. 

115 h h [nu:si.s 2 ] : S3. 

116 h h [\u:si.\v:(Hx:u.S2)-\x:u.vx] : [Tlu:si.Tlv:(T[x:u.S2).nx:u.s 2 ]. 

117 \- h [Uu:si.Ilv:(Ilx:u.S2).Ux:u.s 3 \ : S4. 

118 \- h [\u:si.\v:(J\.x:u.S2).s 3 ] : [Ilu:s 1 .Ilv.(Tlx:u.s 2 ).s' 3 \. 

119 h A [\u:si.Ilv.(T[x:u.s 2 ).TLx:u.Ss] : [IIu:si.S4]. 

niO \- h [\u:si.\v:(Hx:u.S2)-H-x:u.s 3 ] : [Hu:si.Hv:(Hx:u.s 2 ).S4\. 
nil \- h [\u:si.\v:(Hxu.S2)-\x:u.Ss] : [Hu:si.Hv:(Ux:u.S2).Hx:u.s' 3 ]. 

The axiom required by (I) for 111,118 and 1110 is 112, for IT3,n4 and 119,115, for nil, 
U7 and for n6 the instance of U7 where s 2 = s 3 . The axiom required by (II) for ni is n6, 
for n2 is n3, for n3 is n8, for n5 is n4, for III is n9, for n9 is niO and for niO is nil. 

Each axiom is an axiom scheme in the sense that it is an axiom for all si, S2, ■ ■ ■ for 
which it is provable in XX. Thus most axioms (not n6) have some restrictions, other than 
Si : s[ G A, for example (si,s 2 ,S5), (s5,s 3 ,S4) G TZ in n3. Some of these restrictions will 
appear in (the proofs of) some of the lemmas for XX h+ below. 

We will show later that in XX h+ , for a suitable XX, (product) and (abstraction) are 
admissible and that the theorems of XX h+ are exactly those of XX h and XX. 

8. The Correctness of Types Lemmas for XX h+ 

To state and prove some preliminary lemmas we need some definitions. 

Definition 8.1 (major premise chain). A major premise chain (mpc) in a derivation is 
a sequence of judgements starting with one formed by a (start) rule or an axiom. The 
remaining judgements of the chain are obtained by (weakening), (application) or (conver- 
sion), with the previous judgement as major premise, or by (subject reduction) or (type 
reduction). The minor premises in (weakening), (application) and (conversion) rules for 
which the major premises are in an mpc, will be called the minor premises attached to the 
mpc. 

The final judgement of an mpc that is not a proper part of a larger mpc, must be the 
final judgement in a derivation, a judgement that is the premise for a (start) rule or the 
minor premise in a (weakening), (application) or (conversion) rule. 
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Any derivation is therefore made up of linked mpcs. 

Definition 8.2. An mpc is said to be long if it starts with an axiom of the form 

h h+ [Xxr.Ax . . . \x n :A n .N] : [Uxr.Ax . . . Ux n :A n .A n+1 ] (8.1) 

where n > 0, N is one of x\ , . . . , x n or is formed by application from (some of) x\, . . . , x n 
and the mpc has at least n (application) steps and (subject reduction) steps that reduce all 
of the n Xxi redexes. An mpc is short otherwise. 

A derivation is short if it has no long mpcs and long otherwise. 

Definition 8.3 (Application Length - alength). The application length or alength of a 
derivation is its number of (application) steps, where steps in identical minor premises in 
the derivation, are counted only once. 

A derivation of lesser alength than another will be called ashorter, one of greater alength 
alonger. 

Note. One derivation of a judgement may be shorter (in length) than another without 
being short. 

Lemma 8.4. If the final mpc in a derivation of 

r \- h+ M : A. (8.2) 

is long, it starts with an axiom of the form ()8.1|) and the (subject reduction) step that reduces 
the \x n redex comes directly after the nth (application) step, then that derivation of (|8.2p 
can be replaced by an ashorter one. 

Proof. This has to be proved for each of the axioms of B that is of this form. We will prove 
it for Axiom S8, below, the proofs for other axioms are similar. 

S8 [Xy 1 :s q Ay 2 :(Ux:y 1 .s r ).Xy 3 :(Ux:y 1 .Uy:y 2 x.s t ).Xy4:(Ux:y 1 .Uy:y2X.y 3 xy). 
Xy 5 :{Ux:yi.y 2 x).Xy6:yi.y 3 y 6 {y 5 yQ)] : 
[Kyi--s q .n.y 2 :(IIx:yi.s r ).ny 3 :(nx:y 1 .ny:y2^ 
U.y 5 :(Ux:y 1 .y2x).Uy 6 :y 1 .s t )}. 

Let the minor premises in the six (application) steps involving Uyi to Uy§ in the long 
derivation of (|8,2p be, for 1 < i < 6: 

where E\ =g s q , E 2 =p Ux:Yi.s T , E 3 =p Ux:Yi.Uy:Y 2 x.st, E 4 =g (Ux-.Yx.Uy.Y2x.Y3xy), 

E 5 = p Ux-.Yx.Y2x, E 6 = Y U A =p s t and Y 3 Y 6 (Y 5 Y 6 ) M. 

Then for some Y* , Y\ -^p Y* and E% -^p Y* and for some R[x], Y 2 x -^p R[x], 

E 3 Ux:Y?.Uy:R[x].s 3 and E 5 ^ Ux:Y{ .R[x]. 

Note that as contexts can only grow, each Tj for 1 < i < 6 is an initial segment of 
Now by (weakening), (subject reduction), (type reduction) and just three (application) 

steps we get from three of these minor premises: 

T 6 h h+ Y 3 Y 6 : Uy:R[Xi].8 t , 
T 6 h h+ Y 5 Y 6 : R[Xi] 

and so 

T 6 h h + Y 3 Y 6 (Y 5 Y 6 ) : s t 
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which, as Y 3 Y 6 (Y 5 Y e ) -»p M, gives (jOl . 

We now have a new derivation of (|8.2p . which, given that any (application)s in the two 
uses of Tq\- Yq : Eq are counted only once, has fewer (application)s, and so is ashorter than, 
the old derivation of (|8.2|) . 

Lemma 8.5 (Shortness Lemma for HPTS + ). Every valid judgement in a HPTS + has a 
short derivation. 

Proof. We prove this by showing that for every long derivation there is an ashorter derivation 
of the same judgement. 

Assume that the following is the part of a long mpc, in a long derivation, up to the \x n 
reduction, together with the minor premises used in the n (application) steps. 

h' l +Tx : Hxi-.Bo.Co 



Ti h h+ Ti 


: Ilxi-.Bi.Ci 




Ti h h+ Xi : 


Bi 




Ti h /l+ T x Xi 


: d[xi := 


Xi] 




r 2 h ft + t 2 


: Tix 2 :B 2 .C 2 




T 2 h' l + X 2 : 


B 2 




r 2 h' l + t 2 x 2 


: C 2 [x 2 := 


x 2 ] 




P L_h+ rp 

1 n 1 - L n 






Tn X n 


■ B n 






■ C n [x n . — 


■■Xn] 






X h h + (Xx n :A' n 


.N')X' n Yi . 


■ ■Y k :D 






+i h h+ N'[x n : 


= X' n ]Yi . . 


■ Y k : D 





Here \- h+ T\ : Hxi:Bq.Cq is an axiom of the form (18. ip with N made up of (some of) 
xi, . . . , x n , T n —H-p Xx n :A' n .N' and X n X' n . The first, second and nth of the n or more 
(application)s and the (subject reduction) contracting the Xx n redex are explicitly shown. 
The steps after the nth (application) only alter T n by reducing it, so steps can be permuted 
so that the \x n reduction takes place straight after the rath (application) step as follows: 

f^n ^ ^ T n . Tlx n .B n .C n 

T„ h' l + \x n :A' n .N' : Tix n :B n .C n T n h h+ X n : B n 

r„ h' 1+ {\x n :A' n .N')X n : C n [x n ~ X n ] 

r„ h' l+ N'[x n := X n ] : C n [x n X n ] 

r n+1 \- h +N'[x n :=X' n ]Yi...Y k : D 
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This new derivation is no alonger than the original, but the part up to T n \- h+ N'[x n := 
X' n ] : C n [x n := X n ] is long and can be replaced, by Lemma I8~4"l by an ashorter derivation, so 
the whole derivation becomes ashorter. (If the derivation had identical mpcs to the above, 
which were all minor premises in the same mpc, all would have to be altered as above to 
ensure that the new derivation is not alonger than the old.) 

In the remaining lemmas and theorems we use a different measure of length of a deriva- 
tion, where "similar" subderivations are counted only once. 

Definition 8.6 (Similar). Two derivations are said to be similar if they are identical or 
one, in its final mpc, starts with an axiom of B of the form (|8,ip . and the other differs only 
in that its final mpc starts with an axiom of B generated from the other by one or more 
applications of (II). 

We now define: 

Definition 8.7 (Similarity Length - slength). The similarity length (or slength) of a deriva- 
tion is given by: 

(i) the number of (application) steps, 

(ii) the number of (conversion), (start) and (weakening) steps. 

Similar derivations ending in the two premises of a (weakening) step, are counted only once. 

A derivation of lesser slength than another will be said to be sshorter and one of greater 
slength as slonger. 

Lemma 8.8. Given, for s' € S, a short derivation of: 

T h h+ Ux:B.C : s', (8.3) 

there is, for some s € S, a derivation, no longer or slonger than that of (|8.3p . of 

T h h+ Xx:B.C : Ux:B.s. (8.4) 

Proof. Consider the first judgement in the final mpc in a short derivation of (|8.3p . This 
cannot be an axiom of A or be formed by a (start) rule, so it is an axiom of B of the form 
dH]), where N = Ux.B'.C and A n+1 = s'. 

If in this mpc we replace this axiom by the one generated from it by (II), then using 
exactly the same steps and minor premises we obtain a derivation of (|8.4p of the same 
length. 

In this final mpc there are no (weakening) steps in which the premises are similar, until 
perhaps after the last (application) step, as, until then, no type can be in S. If, at that 
stage, (|8.3p is formed by one or more (weakening) steps (and perhaps (subject reduction)) 
from r~ h h+ Y[x:B°.C° : s' and similar minor premises such as \- h+ D : s', these are 
counted only once each in the slength. In the derivation obtained by changing the axiom, 
the above derivations remain similar and so the slength of the derivation remains the same. 

□ 

Lemma 8.9 (Correctness of Types for HPTS + ). If XX is supersorted and 

r \- h+ M : A, (8.5) 

then, for some s 6 S , A = s or there is a short derivation, of slength no more than that of 
a short derivation of (|8.5p . of 

Th h+ A: s. (8.6) 
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Proof. By induction on the number k, of judgements in the final mpc of a short derivation 
of r \- h+ M : A, where A(£S. 

If k=l and (|8.5p comes by a (start) rule from 

r - h h+ A ■ s, (8.7) 

where M = x and V = T~,x : A, (18.6|) comes from two copies of (|8.7j) and (weakening). 
The two derivations of (18. 7p are counted only once, so this derivation of (18.6H is no slonger 
than that of ([53]) . 

If (|8.5p is an axiom we have (|8.6p by (I) or by supersortedness. 

We now assume k > 2. 

If (|8.5p comes from V \- h+ M : A and T' S : s', by (weakening), where s' G 5, 
A ^ iS and T = T', x : -B, these derivations are both counted in the slength of the derivation 
of (|8.5p . We have, by the induction hypothesis, r' \- h+ A : s, by a derivation no slonger than 
that of r' h ft+ M : A, for some s£<S and we obtain (|8.6p by (weakening), by a derivation 
that is no slonger than that of (|8.5p . 

If (|8.5p comes from T h ?i+ A?" : A, by (subject reduction), we have (|8.6p by a derivation 
no slonger than that of (|8.5p . 

If (|8.5p comes from T h ft+ M : B, by (type reduction), we have F : s by the 

induction hypothesis and (|8.6p by (subject reduction), by a derivation no slonger than that 
of (1831) . 

If (|8.5p comes from T h^ - " 1 " M : by (conversion), we have (|8.6p by a derivation sshorter 
than that of ([83]). 

If (J83D comes from T h h+ P : Ux:B.C and T h h+ Q : B, where M = PQ and 
A = C[x := Q], by (application), we have by the induction hypothesis, T \- h+ Hx:B.C : s' 
for some s' € S, by a derivation no slonger than that of T \- h+ P : Iix:B.C. Then by 
Lemma l8.8l we have V \- h+ \x:B.C : Tlx:B.s, for some s £ S by a derivation no slonger than 
that of T h ft+ P : Ux:B.C. Then by (application) using T h h+ Q : B we have (j8~31) by a 
derivation no slonger than that of (18. 5p . □ 

Lemma 8.10 (Start Lemma for HPTS+). // 

T,x : A \- h+ M : B (8.8) 

then, for some s € S, 

r h h+ A : s. 

Proof. By an easy induction on the derivation of (|8.8p . □ 



9. The Equivalence Results 
Lemma 9.1. If XX is supersorted, (abstraction) is admissible in XX h+ . 
Proof. If AX is supersorted we prove that if 

T,x : A \- h+ M : B (9.1) 

then 

T h h+ (\x:A.M) : (Ux:A.B) (9.2) 
by induction on the slength of a short derivation of (|9.ip . 
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Case 1. (I9.ip comes by (start) (and (type reduction)) from 

Fh h+ A : s 

where M = x and A — B. 

By Axiom II and (application) (and (type reduction)) we have (|9.2p . 
Case 2. (|9.ip comes by (weakening) (and reduction) from 

T h h+ M' : B' and T \- h+ A : s 2 

then by the Correctness of Types Lemma (Lemma I8.9|) or supersortedness, for some s\. 

r h ft+ B' : si 

and (19. 2p follows after three (applications) applied to Axiom Kl (and reduction). 
Case 3. (|9.ip comes by (conversion) (and reduction) from 

r, x : A h h+ M : C , T,x : Ah h+ B' : s 2 and C =p B' -»p B. 

By the induction hypothesis and (subject reduction) we have: 

T h h+ (Xx:A.M) : (Ux:A.C) (9.3) 

and 

r h h+ (Xx:A.B) : (nx:A.s 2 ) 

where Ilx:A.C =p Tlx:A.B. 

We have by Lemma [8^91 applied to (|9.ip . for some s\, 

V \- h+ A : si 

and, by supersortedness (s±, 82,83) G TZ for some S3, so by Axiom 111 and (subject reduc- 
tion), 

r \- h+ (Ux:A.B) : s 3 , 
hence by (|9.3p and (conversion) we have (|9.2p . 
Case 4 (|9.1|) comes by (application) (and reduction) from 

T,x : Ah h+ P : (Uy.C.D) (9.4) 

and 

T,x : A\- h+ Q:C (9.5) 
where PQ -»p M and D[y := Q] -h-^ B. 

By the Correctness of Types lemma we have for some S4 G 5, by a derivation no slonger 
than that of ([P]) : 

r,x : Ah^ (ny:C.D) : s 4 (9.6) 
now by Lemma 18.81 we have for some S3 £ 5, by a derivation no slonger than that of (|9.4p . 
and so sshorter than that of (|9.4p : 

T,x: A h h+ (Xy.C.D) : (Uy:C.s 3 ) (9.7) 
Now by the induction hypothesis applied to (|9.4p . (|9.5p and (|9.7p we have: 

T h h+ (Xx:A.P) : (nx:A.ny:(7.£)) (9.8) 

r h h+ {Xx:A.Q) : (Ux:A.C) (9.9) 

T h A+ (Ax:A.Ay:C.D) : (Ux:A.Uy:C.s 3 ) (9.10) 
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also by the Correctness of Types Lemma applied to (19.9P we have for some S4 € S 

T h h+ (Ux:A.C) : s 4 

and by Lemma 18.81 for some s 2 € S 

r h h+ (Xx:A.C) : (Ux:A.s 2 ) (9.11) 

now by Axiom SI, T h h+ A : si, (obtained as in Case 3) ([9TTj) . ([910]) . (|93]) . (|9^) and five 
(application)s, (subject reduction) and (type reduction) give (|9.2|) . (Note that in Axiom SI 
s\, s 2 and S3 (here s\, S5 and s 2 ) can be arbitrarily chosen in a supersorted PTS). Q 

Lemma 9.2. If XX is supersorted (product) is admissible in \X h+ . 

Proof. If T \- h+ A : s\,T,x : A \~ h+ B : s 2 and (si, s 2 , s 3 ) € 71, by Lemma EH 

T h h+ Xx:A.B : Ux:A.s 2 

so by Axiom III, (application) and (subject reduction) we have 

T h Ux.A.B : s 3 . □ 

Lemmas 19.11 and 19 . 21 show that a theorem that can be proved in XX h+ , using hypotheses, 
(abstraction) and (product), can also be proved in XX h . So: 

Theorem 9.3. If \X is supersorted it is equivalent to \X h+ in that they have the same 
valid judgements. 

Proof. By Theorem 17. 44 XX h is a subsystem of XX. The additional rules of XX h+ are 
rules of XX, so XX h+ is a subsystem of AX. The extra rules of AX have been shown 
to be admissible in XX h+ in Lemmas 19.11 and 19.21 so XX h+ and AX have the same valid 
judgements. □ 

Theorem 9.4. If XX is supersorted XX and XX h are equivalent in that they have the same 
theorems. 

Proof. It follows from Theorem 19.31 that AX and XX h+ have the same valid judgements 
with empty contexts i.e. theorems and so by Lemma 17.71 that AX and XX h have the same 
theorems. □ 



10. Axioms I, K, S and n as Types 

Axioms II, Kl and SI can be rewritten in terms of type free combinators (allowing 77- 
reduction) as: 

Axiom II h KI : (Tlx:si.Tly:x.x). 

Axiom Kl h K(KK) : (Ylx:si.TLy:s2-Tlz : y.Hw.x.y). 

Axiom SI h K(K(KS)) : \Ru:si.Ilv:{Iix:u.S2).Tlt:{Ilx.uJly:vx.s 3 ). 

Hw:(Tlx:u.Tly:vx.txy).Tlz:(n.x:u.vx).Tlx:u.tx(zx)]. 

These give the standard types of the combinators (writing A — > B for Ux:A.B when x ^ 
FV{B)): 

h A : si =^ h I : A -> A 
h A : si,h- B : s 2 => h K : B A B 
V- A : si,h B : A -> s 2 , h C : (Ux:A.Uy:Bx.s 3 ) h S : nw:(Ux:A.Uy:Bx.Cxy). 

Iiz:{Ilx:A.Bx).Ux:A.Cx(zx) 
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or, as a special case 

h A : s u I" B' : s 2 , h C : A -► B' -► s 3 => hS: (A —> B' —> C) -► (4 -> B') -> (A -> C") 

If IIx:f7 . Vx, where x ^ FV(f7V"), were represented as GUV (as it is in ICL), Axiom 111 represents 
the type for G (or Xuv . Hx:u . vx): 

h G : (Hu:si . Wv:(Wx:u . s 2 ) • S3) or h G : (IIu:si . (u — > ,s 2 ) — > S3). 



11. Identifying A and II 

In the de Bruijn AUTOMATE! systems II and A are usually identified. Kameraddine has studied 
the effect of allowing /3-reductions in the (former) II terms in [5]. Doing this Axiom II becomes: 

h KI : (Xx:s\ . Xy:x . x) 

and similarly for the other axioms. If we write the type in terms of combinators we can get (depending 
on the algorithm) 

h KI : S(KK)I or h KI : K. 



12. Conclusion 

We have shown that PTSs come in at least three categories: those satisfying ($s) and ($$s) that 
have no equivalent HPTS, those satisfying {%s\ . . . s n ) that have only a trivial equivalent HPTS and 
supersorted PTSs, such as ACoq, that have a nontrivial equivalent HPTS. The standard PTSs from 
the literature that we considered all fit into these categories. 
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